How do I find the Bind DN for the Active Directory user (ACCESS_USER_DN in Rublon Auth Proxy config)?

Modified on Tue, 13 Feb 2024 at 01:54 PM

Rublon Authentication Proxy needs the ACCESS_USER_DN attribute to read Active Directory information during authentication. You need to set ACCESS_USER_DN to the Bind DN of a user who has Read rights in your Active Directory. We recommend you create a new user Rublon with Read-only rights and only use this user for Rublon binding purposes.


How to find the Bind DN?

Here’s how to find the Bind DN of a user:

  1. Open the Command Prompt on your Domain Controller (the server where you installed Active Directory).

  2. Run the following command: dsquery user -name Rublon

  3. You will receive the Bind DN. Copy and set it as the value of the ACCESS_USER_DN field in your Rublon Authentication Proxy’s configuration file.


What do the parts of the Bind DN Query mean?

Here’s an example of a Bind DN:

"CN=Rublon, OU=outestrublon, OU=outest, DC=test, DC=local"


Naturally, your Bind DN will be different, but it will have the CN, OU, and DC elements too, so it is good to know what they stand for.


CN = Common Name

OU = Organizational Unit

DC = Domain Component


Read from right to left, the Bind DN describes how to access the appropriate object in the Active Directory tree.


  1. In the local Domain Component, find the test Domain Component.

  2. In the test Domain Component, find the Organizational Unit called outtest.

  3. In the Organizational Unit called outtest find the Organization Unit called outtestrublon.

  4. In the Organizational Unit called outestrublon find the object that has a common name of Rublon.


Helpful Links

Rublon Authentication Proxy - Documentation

Was this article helpful?

That’s Great!

Thank you for your feedback

Sorry! We couldn't be helpful

Thank you for your feedback

Let us know how can we improve this article!

Select atleast one of the reasons

Feedback sent

We appreciate your effort and will try to fix the article